
International Journal of Critical Infrastructure Protection: Latest Articles

Developing a performance assessment tool for building critical infrastructure resilience through Public-Private Partnership in Ghana
IF 4.1 Zone 3 (Engineering and Technology) Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-06-26 DOI: 10.1016/j.ijcip.2025.100784
Godslove Ampratwum, Robert Osei-Kyei, Vivian W.Y. Tam
In recent years, public-private partnership (PPP) has been advocated for as a medium to build critical infrastructure resilience. PPPs provide an added value achieved from greater co-operation among public-private sector entities. Performance measurement is critical to identify the difficulties and challenges that affect the PPP in executing their role in building critical infrastructure resilience. While the PPP concept is not novel, the precise performance measurement of a PPP in critical infrastructure resilience has not been explored yet. Key performance resilience indicators provide an assessment to measure the performance of a PPP set up to build critical infrastructure resilience. Since the area of performance assessment of PPP in critical infrastructure resilience has not been examined yet, this study used a quantitative approach to develop a performance index to help quantify the performance of the PPP in critical infrastructure resilience using the fuzzy synthetic evaluation method. The performance index developed consists of four major critical performance criteria groupings: Hazard Detection, Continuity plans, Disruptive event detection, and Functional Performance. The evaluation model can be used to objectively determine the performance of a PPP in building critical infrastructure resilience.
Citations: 0
CyberSentry: Enhancing SCADA security through advanced deep learning and optimization strategies
IF 4.1 Zone 3 (Engineering and Technology) Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-06-11 DOI: 10.1016/j.ijcip.2025.100782
Alaa O. Khadidos, Adil O. Khadidos, Shitharth Selvarajan, Taher Al-Shehari, Nasser A Alsadhan, Subhav Singh
SCADA systems form the core of infrastructural facilities, including power grids, water treatment facilities, and industrial processes. Changing cyber threats present increasingly sophisticated attacks against which traditional security models inadequately protect SCADA systems. These traditional models usually have drawbacks in the way of inadequate feature selection, inefficiency in detecting most attacks, and suboptimal parameter tuning, which cause vulnerabilities and reduce resilience in systems. This paper presents CyberSentry, a new security framework designed to overcome limitations so as to provide robust protection for SCADA systems. These three modules make up CyberSentry: the RMIG feature selection model, tri-fusion net for attack detection, and Parrot-Levy Blend Optimization (PLBO) for parameter tuning. The Recursive Multi-Correlation-based Information Gain (RMIG) feature selection model enhances accuracy in detection by optimizing the set of fatal features through recursive multi-correlation analysis by Information Gain prioritization. The Tri-Fusion Net combines anomaly detection, signature-based detection, and machine learning classifiers to enhance the detection versatility and robustness. The PLBO module ensures efficient and dynamic tuning for the parameters through undocumented Parrot and Levy optimization techniques. The proposed CyberSentry framework integrates, within a unified architecture, anomaly detection, signature-based detection, and machine learning classifiers to enhance the security of SCADA systems against diverse cyber threats. Features extracted in this manner are analyzed using machine learning classifiers that exploit their predictive capabilities for robust threat classification. The proposed approaches are fused within the Tri-Fusion Net to complement each other in areas where the separate methods lack certain strengths. This, therefore, ensures broad threat detection, as is validated by extensive testing with various datasets for the assurance of superiority in accuracy and reliability. Validated and tested against a wide variety of datasets, CyberSentry demonstrates an overall accuracy of 99.5 % and a loss of 0.32, proving that this method is both effective and reliable.
Citations: 0
Interdependencies and supply chain
IF 4.1 Zone 3 (Engineering and Technology) Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-06-07 DOI: 10.1016/S1874-5482(25)00035-6
Roberto Setola
Citations: 0
Using Kolmogorov–Arnold network for cyber–physical system security: A fast and efficient approach
IF 4.1 Zone 3 (Engineering and Technology) Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-06-04 DOI: 10.1016/j.ijcip.2025.100768
Mohammadmahdi Ghorbani, Alimohammad Ghassemi, Mohammad Alikhani, Hamid Khaloozadeh, Amirhossein Nikoofard
A cyber–physical system (CPS) is the foundation of modern industrial infrastructures but is vulnerable to cyber attacks due to its connectivity. Detecting these attacks is crucial, driving research into machine learning and deep learning-based models for intrusion detection systems. Many of these models, though effective, suffer from high computational complexity and large parameter counts, limiting their practicality for real-time deployment. Additionally, extensive data preprocessing, commonly used in attack detection, can introduce drawbacks such as loss of critical information, reduced interpretability, and increased latency. This paper employs the Kolmogorov–Arnold network (KAN) as a lightweight and efficient alternative to conventional models for attack detection in CPSs. With a compact architecture and significantly fewer parameters, KAN achieves high classification accuracy while minimizing computational overhead. It eliminates the need for complex feature extraction and preprocessing, preserving data integrity and enabling faster decision-making. Evaluated on the SWaT, WADI, and ICS-Flow datasets, KAN demonstrates superior performance in detecting cyber attacks across binary and multi-class tasks on both physical and network data. Its low inference time and minimal resource requirements make it a practical solution for real-time CPS security.
Citations: 0
Transposing EU-legislation on critical infrastructure protection legal implementation performance in the Baltic Sea region
IF 4.1 Zone 3 (Engineering and Technology) Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-06-03 DOI: 10.1016/j.ijcip.2025.100781
Marie Becker
Both in the Russian war of aggression against Ukraine and in the proliferation of hybrid attacks on EU territory, critical energy infrastructure has become a primary target. One EU response to the ensuing need for transnational action consists in the CER-Directive of 2022 on the resilience of critical entities. Its effectiveness now hinges on national implementation, currently pervaded by delay despite the undisputable urgency. To begin to shed some light, this study analyses legal implementation of the directive’s predecessor (ECI-Directive of 2008) to assess explanatory approaches from the discipline of implementation studies in the particular field of critical infrastructure protection. Focusing on the hotspot Baltic Sea Region, it shows how country-specific generalized expectations do not hold and how fundamental misfit between pre-existing national frameworks and a directive can instead help predict deviation. For the ECI-Directive, the study shows significant delays and deviation for individual countries, as well as only limited harmonization across the region.
Citations: 0
AI-enhanced intrusion detection in smart renewable energy grids: A novel industry 4.0 cyber threat management approach
IF 4.1 Zone 3 (Engineering and Technology) Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-05-19 DOI: 10.1016/j.ijcip.2025.100769
Umar Islam, Hanif Ullah, Naveed Khan, Kashif Saleem, Iftikhar Ahmad
The rapid adoption of Industry 4.0 technologies in renewable energy grids has significantly improved efficiency and scalability. However, this integration has also amplified cybersecurity risks, making conventional Intrusion Detection Systems (IDS) insufficient against evolving cyber threats. This study proposes a novel AI-enhanced Intrusion Detection System (IDS) tailored for smart renewable energy grids, leveraging a multi-stage detection framework that integrates both supervised and unsupervised learning techniques. The proposed IDS combines Random Forest for signature-based detection and Autoencoders for anomaly-based threat identification, enabling real-time detection of both known and zero-day cyber threats. A comprehensive evaluation using real-world cyberattack datasets demonstrates that the system achieves a detection accuracy of 97.8 %, significantly reducing false positives compared to traditional IDS solutions. This work not only enhances the security and resilience of smart grids but also offers a scalable and adaptable cybersecurity framework for Industry 4.0 applications. The findings contribute to the advancement of AI-driven security mechanisms, ensuring the reliability of critical energy infrastructure in the face of sophisticated cyber threats.
Citations: 0
Securing the nuclear supply chain: Addressing the issue of counterfeiting
IF 4.1 Zone 3 (Engineering and Technology) Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-05-16 DOI: 10.1016/j.ijcip.2025.100767
Christopher Hobbs, Zoha Naser, Sarah Tzinieris
In 2024, exploding pagers and walkie-talkies in Lebanon dramatically highlighted the importance of supply chain security and the risk that counterfeiting can pose. This article seeks to explore these issues in the nuclear context. Drawing on new empirical research, it examines how counterfeited materials, items, and technologies have found their way into nuclear supply chains and ultimately to facilities, exploring the impact of this and how the international community has responded. It finds that although counterfeits can and indeed have created significant nuclear risks, historically this issue has received relatively little attention. Here, a general lack of awareness, an overly narrow focus on their impact on critical safety systems, and the absence of comprehensive reporting mechanisms mean that the number of known counterfeits that have penetrated nuclear facilities globally is likely to be significantly underestimated. Although new international efforts in this area aimed at securing the nuclear supply chain have been launched in recent years, there remains much to be done, with considerable variation in the maturity of different countries and organizations’ approaches to this issue.
Citations: 0
IPSMInfer: Industrial proprietary protocol state machine inference from network traces
IF 4.1 Zone 3 (Engineering and Technology) Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-05-10 DOI: 10.1016/j.ijcip.2025.100765
Yahui Yang, Yangyang Geng, Qiang Wei, Rongkuan Ma, Zihan Wei
Industrial protocols are ubiquitous in industrial control systems (ICS), and their security is intimately tied to the entire industrial infrastructure. Analyzing industrial protocol state machines can assist researchers in understanding the protocol’s state transition rules, event-triggering conditions, and behavioral characteristics. However, the proprietary nature of many industrial protocols and the lack of knowledge about their state machines significantly impede the implementation of related protection measures in ICS. While several protocol state machine inference methods have been proposed, few are practically and widely applicable to industrial protocols. This is primarily attributed to the unique structure of industrial protocols, which poses challenges for protocol state machine inference.
This paper introduces IPSMInfer, a framework that automatically infers industrial proprietary protocol state machines from network traffic. IPSMInfer labels message types based on the length of preprocessed request–response messages, which eliminates the need to identify key protocol fields and restore the original protocol formats. Subsequently, a directed graph is created using the message type labeling results along with their timing relationships to generate a protocol state machine. Finally, the generated protocol state machine is optimized by replaying captured protocol messages and actively interacting with protocol entities to ensure its accuracy and efficiency. We evaluated IPSMInfer using seven programmable logic controllers (PLCs) from five different industrial manufacturers, applying five distinct industrial proprietary protocols. The experimental results clearly demonstrate that IPSMInfer can accurately infer the state machines of these industrial proprietary protocols. It outperforms open-source tools such as ReverX and Netzob by an average of 19.8% and 8.8%, respectively, in terms of protocol state labeling perfection.
Citations: 0
International perspectives on critical infrastructure: Evaluation criteria and definitions
IF 4.1 Zone 3 Engineering & Technology Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-05-09 DOI: 10.1016/j.ijcip.2025.100761
Edvan Gomes da Silva, Marcus Aurélio Carvalho Georg, Luiz Antônio Ribeiro Júnior, Leonardo Rodrigo Ferreira, Laerte Peotta de Melo, Rafael Rabelo Nunes
Contemporary society heavily relies on systems that process, store, and transmit sensitive and confidential information. However, defining what constitutes critical assets and how to categorize them presents challenges. In this context, applying criteria for classifying Critical Infrastructures (CIs) is essential to determine their criticality for information owners. This study aims to identify which criteria are used to classify an asset as part of CIs based on data from various nations. The methodology adopted involved analyzing public documents that evaluated the definitions and assessment criteria of CIs from 12 countries and organizations. The study’s results provide a technical understanding of the criteria used to define Critical Infrastructures (CIs) among the analyzed countries, highlighting a predominance of criteria related to people, social aspects, economic factors, geographic considerations, and interdependencies. These findings indicate a consistent alignment among the studied nations regarding the criteria that define their respective CIs. These findings have practical implications for risk and asset managers, equipping them with the necessary knowledge to apply CI assessment methodologies effectively.
International Journal of Critical Infrastructure Protection, Volume 49, Article 100761, published 2025-05-09.
Citations: 0
Resilience in cogeneration systems: Graphical analysis of novel indexes and system behavior under failure scenarios
IF 4.1 Zone 3 Engineering & Technology Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-05-07 DOI: 10.1016/j.ijcip.2025.100764
Fellipe Sartori da Silva, Thiago Magalhães Lessa, José Alexandre Matelli
With the increasing frequency and severity of disasters threatening energy systems, resilience has emerged as a crucial concept in the energy field, addressing the consequences of high-impact, low-probability (HILP) events. Despite its importance, there remains a lack of consensus on how to assess resilience, with energy generation systems, particularly thermal power plants, receiving limited attention in existing investigations. This study advances the development of a robust method for resilience evaluation in energy generation systems through an innovative graphical analysis applied to four cogeneration plants. The proposed method introduces two novel parameters: operability and generation indexes. The decay curves of the operability index reveal an initial downward curvature followed by an inflection point, while the generation index exhibits a sharp decline during the first hours of operation. Efforts to enhance resilience in the early design phase should focus on mitigating these patterns. The derivatives of the curves identified key periods of operational instability, specifically, the initial phase and the most degrading periods. Improved system conditions reduced these instabilities by minimizing the amplitude of the derivative peaks. By integrating the curves, the relative area under the graphs was quantified, revealing that the studied configurations utilizing gas turbines experienced greater sensitivity to HILP events. These findings underscore the importance of proactive resilience strategies tailored to the design and operational characteristics of energy systems.
International Journal of Critical Infrastructure Protection, Volume 49, Article 100764, published 2025-05-07.
Citations: 0